URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Submission: On January 07 via manual from US — Scanned from DE

Summary

This website contacted 33 IPs in 4 countries across 20 domains to perform 157 HTTP transactions. The main IP is 2a02:e980:5a::79, located in United States and belongs to INCAPSULA, US. The main domain is www.thedailystar.net. The Cisco Umbrella rank of the primary domain is 270633.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 21st 2021. Valid for: a year.
This is the only time www.thedailystar.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a02:e980:5a::79 19551 (INCAPSULA)
3 2a00:1450:400... 15169 (GOOGLE)
16 107.154.80.121 19551 (INCAPSULA)
1 143.204.98.34 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.75.88.126 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.17 16509 (AMAZON-02)
1 3.136.15.54 16509 (AMAZON-02)
20 142.250.186.130 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::11 44788 (ASN-CRITE...)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
14 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
10 178.250.2.135 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
157 33
Apex Domain
Subdomains
Transfer
34 googlesyndication.com
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
1 MB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 587
pix.eu.criteo.net — Cisco Umbrella Rank: 7190
csm.eu.criteo.net — Cisco Umbrella Rank: 7303
559 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
223 KB
21 thedailystar.net
www.thedailystar.net — Cisco Umbrella Rank: 270633
img.thedailystar.net — Cisco Umbrella Rank: 544770
592 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
258 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12937
ads.eu.criteo.com — Cisco Umbrella Rank: 7328
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11592
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9529
99 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 69
2 KB
5 gstatic.com
fonts.gstatic.com
225 KB
5 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1343
m.addthis.com — Cisco Umbrella Rank: 1311
218 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
196 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 258
33 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
401 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
13 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6151
adservice.google.de — Cisco Umbrella Rank: 8579
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 6312
certify.alexametrics.com — Cisco Umbrella Rank: 3438
3 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1539
913 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 348
1 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
3 KB
157 20
Domain Requested by
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
tpc.googlesyndication.com
20 securepubads.g.doubleclick.net www.thedailystar.net
securepubads.g.doubleclick.net
www.googletagservices.com
16 img.thedailystar.net www.thedailystar.net
img.thedailystar.net
14 static.criteo.net ads.eu.criteo.com
10 pix.eu.criteo.net ads.eu.criteo.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 www.googletagservices.com securepubads.g.doubleclick.net
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 www.thedailystar.net www.thedailystar.net
4 csm.eu.criteo.net ads.eu.criteo.com
4 www.google.com www.thedailystar.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 s7.addthis.com www.thedailystar.net
s7.addthis.com
4 connect.facebook.net www.thedailystar.net
connect.facebook.net
img.thedailystar.net
3 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.facebook.com www.thedailystar.net
3 cdnjs.cloudflare.com www.thedailystar.net
ads.eu.criteo.com
3 fonts.googleapis.com www.thedailystar.net
cdnjs.cloudflare.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
2 www.google-analytics.com www.thedailystar.net
1 rtb.nl.eu.criteo.com www.thedailystar.net
1 rtb.fr.eu.criteo.com www.thedailystar.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de www.thedailystar.net
1 stats.g.doubleclick.net www.google-analytics.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.thedailystar.net
1 certify.alexametrics.com www.thedailystar.net
1 cdn.jsdelivr.net www.thedailystar.net
1 ajax.googleapis.com www.thedailystar.net
1 certify-js.alexametrics.com www.thedailystar.net
157 34
Subject Issuer Validity Valid
*.thedailystar.net
Go Daddy Secure Certificate Authority - G2
2021-01-21 -
2022-02-22
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
certify-js.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-16 -
2022-01-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
certify.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2021-10-12 -
2022-11-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-03 -
2022-01-31
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-03 -
2022-01-31
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-03 -
2022-01-31
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-24
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-25
3 months crt.sh

This page contains 16 frames:

Primary Page: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Frame ID: F7AE237357B21C039633EBE562763BC7
Requests: 60 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C85CB3C4BFDDD60E1C6BB2B482029171
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6BCCB77D66E62E9EF748D78A96258912
Requests: 1 HTTP requests in this frame

Frame: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F74AB06D6AF9E835FD897CDC8D65E69E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS65pTOJD-aMeGSU3zZKq61nM5lRq0WfqhNFQ3uCGNvobbO6Y_SYJ5-023DolbJqXsoGKahcYw7GNXh6z0sB9WTaLAtkQEwtzUIs1iyKDv6FGya3LxD8ymGqio9-xby5DYznqtQ4QWpHBoPRIIffFo98GNLCGvBh5zJcmlz11ZiXa6_Ro7zj-Cd4dXzNOLQpOqMOtq8UMxCVDPK0m29wOHplSd130fihgqaWbBqLV8qZpTCv7Jdo_7LLBoXS8MhVfxcG6oo8ETrHQyOPBBVNTS4BaoIjo1eCl0IRHeyrezUWZ_vTAVuGG8Ky4yfxl-Iu0N8AY&sai=AMfl-YSD8WSByi5D9lAlaQsNNXS65QOWjvMnQgIqLpKVcyx6Q-SuHgLwAdDzJjS3ZRQkHDf3l-kHpu7AMZFgqxga498S0dszOtquqdE3xkSGzKbAGsTB7hCo0u0eTa_dyJ83&sig=Cg0ArKJSzDK4d4MXejfVEAE&uach_m=[UACH]&adurl=
Frame ID: ADBF1EFB1BCC74FE72CB0F0B3716CF25
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Frame ID: B58CE48AF77F102AAF47A75CBBAC2A54
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 620B5B0BD4214FAC3E510483C7EDBD46
Requests: 1 HTTP requests in this frame

Frame: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D74458131857B8811781FFB7CBAF73F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyvuDNdB26LHhBh0SaiLSI_ArKwCPwiZE9OKpl6hCgGGNCSLezOQ-RXesHlhL7GEkoU-hpf1ydNSHSqbA0rj3CxEnQ_eZIp0-yV9XYeP44ghivib8itJgOvPtxn8gbbIXrs_3rZ-1gKegwp1jR_JmXnDX9XCCZMs8ymGkv64_r6U5g0GdTQwCFgZ7zWjdH-cq3DwUrz9AYEeFF4YcBrO2gND1w3mspa2CfR9g0Chh-TL6HIJExEI0anbieZ2RufUGNaU6NULs3hZ-AEZhYgungQ52156ysj1UTg9gohYb092c3n2PmeokBFSbvBRArXsS3imhbV8w8zGGCoUSxs5P6vQ&sai=AMfl-YQfowGO74xQqJVWHr4WsBUaBtXDO5tLvsrZuCx-pQr8vGNQ4xOmQneBzyCnbYMalFD6oYKWMLzcbT-Yp47fE1gOpm980KEGnTqWDR4_Zc7TiiJJMVySz4ZAScJziI4y&sig=Cg0ArKJSzJN74aEWNv90EAE&uach_m=[UACH]&adurl=
Frame ID: CA777864283B2967293C4D59E245B901
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_n8IMJuwYsyvG0pmnnuhtIfJ-ElMH2R2_Uw_SFUWTRwzY9CzpXcDCPCwhGkOz_n6BeI87Ei_IKBcB9I7wwmEBmSw9vJNanWVHWYzhaV96aLnPXxS7NUcoqP6uZFSe_cmWmwDafMAX_ufa1AfQP7kkHY4xWAEzIYeGxywcHm0Hwk_g2X0R-6UwA3f_NGfieAbQtBwmVumeSJfj92bnM5KuwZ960neg2f0dLoYURp9gNWoyrQU-j1XIaeuc7JF2ccJc6lnn_TXLtttWYoJXF1G27Ltm_fh04QtBNopQMWecr4vYd5rtgAyvIwUcOclQev2qF-EJ&sai=AMfl-YRphIbsBJys2SQ4thpCFpyOiGBWxTa1Slp-Vj20pJLBm9oqc2kz0wzbL0Pavt_VN3VoYYsCD3-eULQl20pxj5bX_-cUUcG3AWZ2FEAoNGEJWnwYMRChm2YcwCr0BHd0&sig=Cg0ArKJSzJMzJLn5CwYFEAE&uach_m=[UACH]&adurl=
Frame ID: 6C8F5600A1512BBFD233CC404DC381DD
Requests: 9 HTTP requests in this frame

Frame: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6F46180C6F0C552F906A210D2403116
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7CVaEsFOm6Oo0nm7I13NaSv2mlGZwYyETeFoRJF_wrvQCddxflrHW3he6BfjRaviqtFrms2l0rGyp147C2d4l7Gp4elEkEawyXE0FQ28RQPX_reAUaR84pdNZPFHx2Nm74W6cGqXRtPlWl7hko6yxbhabqGx2GDLppdwkE3ex0nuTcUb3QfmiG48irbo_v6016YhGcZzkFOkg8fWOCu8BXiEUPI_1__AbUJwT21UDKbnYm4WauzIm-nSvpDLd-k_ud09ThEsCJlXiIX4E4oTZb3R85TSA0MaY5YolKXuLLq7Mou2ogDQM_LuiqPrE0qCGMtnZqWaomp3Ur9oKdOJ4myC0nyo&sai=AMfl-YQNj84ActmgHzKyxcgBm_zubliNaFLPS_jwV_TdSDVrxslHqgcZeWFpAEaNQXgxjfY5yzhOU-Jfmm7CR5JNVG2gluFnQ-LVBwZot9JjYLQe1_VM0v6bOKq7AwbU0ir4&sig=Cg0ArKJSzMmXBZdBrSgSEAE&uach_m=[UACH]&adurl=
Frame ID: ED5974DE4C2978EF739CB026EFF3BCDD
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Frame ID: 1FBAA3FB723952848AACD1BA915140DF
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Frame ID: 4F6101C0799F5F3DB5EA6458809F9F92
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9F1C1C8F612396E51878C791B6DEC6B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52811C69BFB8DC4CD31FE71FEC115E57
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Fooling Scammers: Internet Justice | The Daily StarFacebookTwitterWhatsAppLinkedInViberEmailAddThisFacebookTwitterWhatsAppLinkedInViberEmailAddThisFacebookTwitterWhatsAppLinkedInViberEmailAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

157
Requests

99 %
HTTPS

69 %
IPv6

20
Domains

34
Subdomains

33
IPs

4
Countries

3545 kB
Transfer

6718 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

157 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fooling-scammersinternet-justice-1977997
www.thedailystar.net/shout/news/
69 KB
17 KB
Document
General
Full URL
https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:5a::79 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
90da2f2781e95f66e69fb509121af2f88e99df69b0c6dd0fdd7b7a3f2ed33417
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 07 Jan 2022 04:09:36 GMT
server
Apache
x-content-type-options
nosniff nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
no-cache, must-revalidate
content-language
en
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=()
x-ua-compatible
IE=edge
link
<https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997?amp>; rel="amphtml",<https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997>; rel="canonical",<https://www.thedailystar.net/node/1977997>; rel="shortlink"
x-generator
RSI Lab (rsi-lab.com)
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=utf-8
x-cdn
Imperva
x-iinfo
6-35576058-35575225 2NNN RT(1641528575419 0) q(0 0 0 1) r(11 11) U18
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
065017485a89b7bce378e84d4b8cfb7c844c0bd4f8521c2523f444f9a57bc59d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 04:09:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 04:09:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 04:09:37 GMT
css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
img.thedailystar.net/sites/default/files/advagg_css/
225 KB
34 KB
Stylesheet
General
Full URL
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
3b8f945bd8f37ee8e02a8c21fa9468a896fc23ac99c8f068576f92403a2403af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Nov 2021 04:24:19 GMT
X-CDN
Imperva
Age
370856
Etag
"076eee51"
Content-Type
text/css
X-Iinfo
11-96587203-0 0CNN RT(1641528577420 17) q(0 -1 -1 0) r(0 -1)
Cache-Control
max-age=3024000, public, no-transform
Content-Length
34412
logo.svg
img.thedailystar.net/sites/all/themes/sloth/
8 KB
4 KB
Image
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/logo.svg
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
f02884ee23e3924f0ed37338734c807c939e3b47cb24f3db857e9c0fe5916ae0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
363513
Etag
"2175-5c600ce1ebda5-gzip"
Content-Type
image/svg+xml
X-Iinfo
12-128154979-0 0CNN RT(1641528577489 15) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
3830
google_news.svg
www.thedailystar.net/sites/all/themes/tds/images/
2 KB
829 B
Image
General
Full URL
https://www.thedailystar.net/sites/all/themes/tds/images/google_news.svg
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:5a::79 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fa65dbf87a1d000476d250f10862aa8a6d28d5892c524a5f74085d3ee2dc28bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:36 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 02:47:37 GMT
x-cdn
Imperva
age
2385
etag
"10dc6e2a"
content-type
image/svg+xml
x-iinfo
6-35576100-0 0cNN RT(1641528576772 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=300, public
content-length
682
app-store-apple.png
img.thedailystar.net/sites/all/themes/sloth/images/
5 KB
5 KB
Image
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/images/app-store-apple.png
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
ff3b5cfaf96faedb2c9b14649948b7e221fb323c876d5d634a00e1072681f2e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
360245
Etag
"2a05-5c600ce1e9e65"
Content-Type
image/png
X-Iinfo
13-161209411-0 0CNN RT(1641528577490 17) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
4901
app-store-google.png
img.thedailystar.net/sites/all/themes/sloth/images/
8 KB
9 KB
Image
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/images/app-store-google.png
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
264d14a28b855f3aed8e4320d2ddce810a4419173367317622fd1bc5d2870af7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
360245
Etag
"3341-5c600ce1e9e65"
Content-Type
image/png
X-Iinfo
12-128154980-0 0CNN RT(1641528577490 17) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
8411
logo-bangla-white.png
img.thedailystar.net/sites/all/themes/sloth/
5 KB
5 KB
Image
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/logo-bangla-white.png
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
f2dacab6e946da3b760430fc260f6799df86bfa717728dc8bfaa899a8dfd404e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
368037
Etag
"1ae4-5c600ce1ebda5"
Content-Type
image/png
X-Iinfo
11-96587203-0 0CNN RT(1641528577420 88) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
5014
logo-white.svg
www.thedailystar.net/sites/all/themes/sloth/
8 KB
4 KB
Image
General
Full URL
https://www.thedailystar.net/sites/all/themes/sloth/logo-white.svg
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:5a::79 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5caeb608377e834651aa20af743ddcf070cb96338a282a09d4fabb10afe7ea8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:36 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 19:34:03 GMT
x-cdn
Imperva
age
2385
etag
"ad0ebaee"
content-type
image/svg+xml
x-iinfo
6-35576103-0 0cNN RT(1641528576776 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=300, public
content-length
3832
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-34.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
21981731
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
o1_FNFxF18G-ZDgMwfrDy_YQwKIWx1rXYRP-JORNyjcuJ6zaxQKi4w==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
mOnN5GmFKUCztUhZCVPzvPBuc6JvNRIPvoxwn9eyIp2UYSsyIWPuvNJhBeQHlAz33uzFmzXCXeBZR1Q+OtHfbQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 07 Jan 2022 04:09:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:03:29 GMT
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/
9 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1479395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2417
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyf2knP%2Fozn2zCsiE%2FcHuIzjRBEczpglNibe8Kcu1jF%2FnIi8FMLAylgUQRQUsaBIessOkx3al6Q%2F9PwCBH1K2u%2Fkvv9LQvZntLulvzA0XMPiXoWI9iMQMnN9gxaEqi%2BH%2BugokslKBLtG4%2FgsWgvuQyBN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c9a54eb2df74ed4-FRA
expires
Wed, 28 Dec 2022 04:09:37 GMT
jquery.marquee.min.js
cdn.jsdelivr.net/npm/jquery.marquee@1.5.0/
6 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery.marquee@1.5.0/jquery.marquee.min.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b9b39ea61308052256b9921bf1c0de6698bcf0c04e3e4f2978adc86168ff6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6333744
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19138-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1718-CaEK+6fs3Lo9Yd4d7cQyvY4wbCg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c9a54eb3beb8bb1-FRA
js__q3FPQG0lDTzcUE5hM7MZWc1NT1ndRTRA4E44-DtoF3o__eQgq-1gijJ2ngvsavYCbUVNGBQm1f_ZD3j-PCWneWIc__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.js
img.thedailystar.net/sites/default/files/advagg_js/
239 KB
58 KB
Script
General
Full URL
https://img.thedailystar.net/sites/default/files/advagg_js/js__q3FPQG0lDTzcUE5hM7MZWc1NT1ndRTRA4E44-DtoF3o__eQgq-1gijJ2ngvsavYCbUVNGBQm1f_ZD3j-PCWneWIc__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
0f9a9d837264a9eebadbbbe14f59c2a23c67234396e808561e2cbe7506e70ed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 17:53:37 GMT
X-CDN
Imperva
Age
370856
Etag
"761f513e"
Content-Type
application/javascript
X-Iinfo
11-96587203-0 0CNN RT(1641528577420 56) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public, no-transform
Content-Length
59203
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
date
Fri, 07 Jan 2022 04:09:37 GMT
x-host
s7.addthis.com
content-length
116406
js__87_HJHlRERwe2WHE2DIYWm1wR4oItOw5FkOfVyyaFp8__-FNqmvfCIo6341yyYkPoyNyP6MU_Zd6W4lVJLuoNT7g__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.js
img.thedailystar.net/sites/default/files/advagg_js/
109 KB
29 KB
Script
General
Full URL
https://img.thedailystar.net/sites/default/files/advagg_js/js__87_HJHlRERwe2WHE2DIYWm1wR4oItOw5FkOfVyyaFp8__-FNqmvfCIo6341yyYkPoyNyP6MU_Zd6W4lVJLuoNT7g__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
bf5fc25bc4f89072ca99ed8d411fccc434fc01ac6e11fccdcc71cd387f60ee82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Nov 2021 04:24:19 GMT
X-CDN
Imperva
Age
370856
Etag
"f7349908"
Content-Type
application/javascript
X-Iinfo
13-161209410-0 0CNN RT(1641528577489 14) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public, no-transform
Content-Length
29175
_Incapsula_Resource
www.thedailystar.net/
152 KB
22 KB
Script
General
Full URL
https://www.thedailystar.net/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=652423533
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:5a::79 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
518bb6cce30e70a06e060ae7486feb336baf05441e075fa4bb35f5f3f3a1360d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
22074
content-type
application/javascript
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2083
date
Fri, 07 Jan 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 07 Jan 2022 05:34:54 GMT
sprite_c91be62d7bce96377f39311463e01e5f.png
img.thedailystar.net/sites/all/themes/sloth/images/
8 KB
8 KB
Image
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/images/sprite_c91be62d7bce96377f39311463e01e5f.png
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
7f83c842f0a02ffd0a7f1349149f158b522bfb1eb36f08a7f7303b0aada001ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 07 Jul 2021 18:28:30 GMT
X-CDN
Imperva
Age
363513
Etag
"296c-5c68cb48cfed0"
Content-Type
image/png
X-Iinfo
11-96587203-0 0CNN RT(1641528577420 108) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
8356
TiemposHeadlineApp-Regular.woff2
img.thedailystar.net/sites/all/themes/sloth/fonts/tiempos-regular/
38 KB
39 KB
Font
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/fonts/tiempos-regular/TiemposHeadlineApp-Regular.woff2
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
c2d3804aea13181b8e20a3d4e9e04ca73e1087f955bd4013bdebcd76f29a4281

Request headers

Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
370856
Etag
"9830-5c600ce1e8ec5"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Iinfo
13-161209416-0 0CNN RT(1641528577499 18) q(0 -1 -1 0) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
38960
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
569855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:52:02 GMT
tds.ttf
img.thedailystar.net/sites/all/themes/sloth/fonts/tds/
3 KB
3 KB
Font
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/fonts/tds/tds.ttf?k6unl1
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
da30f3be4f2509f03c6c447e79f6a663a8db11301c6b6edc74300cbdf8584746

Request headers

Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Fri, 23 Jul 2021 18:43:50 GMT
X-CDN
Imperva
Age
370856
Etag
"a48-5c7cec8d61ae7"
Content-Type
font/ttf
Access-Control-Allow-Origin
*
X-Iinfo
12-128154982-0 0CNN RT(1641528577502 16) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
2632
Myriad-Pro-Semibold.woff2
img.thedailystar.net/sites/all/themes/sloth/fonts/myriadProSemibold/
49 KB
50 KB
Font
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/fonts/myriadProSemibold/Myriad-Pro-Semibold.woff2
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
b374ab69ed843340ca5fba046e3005a70f6e436e141a24defcf2d570acf2917e

Request headers

Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
370856
Etag
"c4b8-5c600ce1e6f85"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Iinfo
11-96587212-0 0CNN RT(1641528577503 15) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
50360
TiemposHeadlineApp-Medium.woff2
img.thedailystar.net/sites/all/themes/sloth/fonts/tiempos-medium/
36 KB
37 KB
Font
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/fonts/tiempos-medium/TiemposHeadlineApp-Medium.woff2
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
0d50ed47c1f594367d5edcfd4029b9af4093587e89fb01c2f431ac71240cc565

Request headers

Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
370856
Etag
"90e0-5c600ce1e7f25"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Iinfo
9-41329187-0 0CNN RT(1641528577504 16) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
37088
DailyStarMahfuzAnamBNN.woff
img.thedailystar.net/sites/all/themes/sloth/fonts/DailyStarMahfuzAnamBN/WOFF/
90 KB
91 KB
Font
General
Full URL
https://img.thedailystar.net/sites/all/themes/sloth/fonts/DailyStarMahfuzAnamBN/WOFF/DailyStarMahfuzAnamBNN.woff
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
eeeefd14cc029aa6cd646a071d7a060970d4b9832e1611d8c7584bbfc45d5ee9

Request headers

Referer
https://img.thedailystar.net/sites/default/files/advagg_css/css__wZvD4vZXtVpjQtgTTGMGAPV3iez6JRBP4JhCRTkRNVs__dhujp6ASD8GAcxK2rD_w3yLYYfQaSnsOIDOF3sbENrE__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.css
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Wed, 30 Jun 2021 19:34:03 GMT
X-CDN
Imperva
Age
370856
Etag
"16894-5c600ce1e2164"
Content-Type
font/woff
Access-Control-Allow-Origin
*
X-Iinfo
9-41329188-0 0CNN RT(1641528577504 18) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
92308
298630560628716
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/298630560628716?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e73a2afb0da4b08aa775f1ffcf608c62e24d18739b0d1414b152de80b280858f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
q+vj17Jz5hnomLEjf1GdaUuAziadq4kPxImUt3KarbM1g9GskDlf+sgTRB2GxB8Ha+Bp+MmSgu8g5OyjLuuzog==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 07 Jan 2022 04:09:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Fooling%20Scammers%3A%20Internet%20Justice%20%7C%20The%20Daily%20Star&time=1641528577855&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&random_number=11754300820&sess_cookie=3fcc7d1f17e32ba4f3fa5439a3f&sess_cookie_flag=1&user_cookie=3fcc7d1f17e32ba4f3fa5439a3f&user_cookie_flag=1&dynamic=true&domain=thedailystar.net&account=VbLio1IW18104B&jsv=20130128&user_lang=en-US
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 01:58:51 GMT
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
7846
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
nk7oW2MAzl-D-NPftqhQvGlp_Dpum_E_x5qeBt977hfpP0qo7NzWbA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.15.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-15-54.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
server
Server
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e9d45467f4833ab1983bd81ff30bd233a58feb324dc84a8e22a8f303f91a3409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26985
x-xss-protection
0
server
sffe
etag
"1094 / 707 of 1000 / last-modified: 1641462333"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 04:09:38 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:37 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=33889
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: img.thedailystar.net
URL: https://img.thedailystar.net/sites/default/files/advagg_js/js__87_HJHlRERwe2WHE2DIYWm1wR4oItOw5FkOfVyyaFp8__-FNqmvfCIo6341yyYkPoyNyP6MU_Zd6W4lVJLuoNT7g__ntz5ZF9rt1NWpYL00WbgrDxXKkEE_4W7GW-Dk2CmrAM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6e89216e59c09848f1d94e8c143b2ebbc00d6992aa35af0d2e810bef88f6fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uYi6lTjmbIp4xskqld/vEQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 07 Jan 2022 04:13:11 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
yk+SBIEqnDUPYCAGqOHqTrGLw/ns8PBuRrqJS2QWsjnRwvfCDWSfVqBU/LLg9AhTlH8igeR4jgJpMVkXvu2j7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
133d42596f618c2488b777247d8543dd
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 04:09:37 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ff0cfccf610c4dbe5cdefcc20293e832"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5d1072ada1b6c266/
3 KB
913 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5d1072ada1b6c266/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
64bbf2b88a7d05a336318e45c9ab25a8d9224e89775436682efcc78a5fe2bb45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
etag
505258798--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=53, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
738
300lo.json
m.addthis.com/live/red_lojson/
90 B
250 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61d7bd0115967573&bkl=0&bl=1&pdt=1303&sid=61d7bd0115967573&pub=ra-5d1072ada1b6c266&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.thedailystar.net&fp=shout%2Fnews%2Ffooling-scammersinternet-justice-1977997&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1641528577976&jsl=129&uvs=61d7bd017c12fdb6000&skipb=1&callback=addthis.cbs.jsonp__180743591101439230
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
605bfe8a0c72aa433f7db8172fc2ece9366ced4aac55faf3709e91801b07b668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:38 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
90
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C85C
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 6BCC
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Fri, 07 Jan 2022 04:09:38 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
_Incapsula_Resource
www.thedailystar.net/
1 B
89 B
Image
General
Full URL
https://www.thedailystar.net/_Incapsula_Resource?SWKMTFSR=1&e=0.45436331653044104
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:5a::79 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
collect
stats.g.doubleclick.net/j/
4 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59519741-1&cid=1683078313.1641528578&jid=29992095&gjid=1879667943&_gid=1121597369.1641528578&_u=YGBAgEABAAAAAE~&z=1915215623
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thedailystar.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 Jan 2022 04:09:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=40932938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&dp=%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&ul=en-us&de=UTF-8&dt=Fooling%20Scammers%3A%20Internet%20Justice%20%7C%20The%20Daily%20Star&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=29992095&gjid=1879667943&cid=1683078313.1641528578&tid=UA-59519741-1&_gid=1121597369.1641528578&cd1=News&cd2=1977997&cd3=88&cd4=english&cd5=1602698400&cd6=Print&z=616713637
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 02:56:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4401
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=298630560628716&ev=PageView&dl=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&rl=&if=false&ts=1641528578089&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641528578088.2142128714&it=1641528577854&coo=false&rqm=GET
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 07 Jan 2022 04:09:38 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 07 Jan 2022 04:09:38 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
default_fallback.jpg
img.thedailystar.net/sites/default/files/styles/small_201/public/
3 KB
3 KB
Image
General
Full URL
https://img.thedailystar.net/sites/default/files/styles/small_201/public/default_fallback.jpg?itok=SahuXW6m
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
/
Resource Hash
16bc11c77462618278bd375e4d9d199270cd40f24f68ef68b089503920be1b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:37 GMT
Last-Modified
Thu, 01 Jul 2021 23:12:53 GMT
X-CDN
Imperva
Age
360245
Etag
"b67-5c617fa84cc0b"
Content-Type
image/jpeg
X-Iinfo
11-96587203-0 0CNN RT(1641528577420 391) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=3024000, public
Content-Length
2611
losing.jpg
img.thedailystar.net/sites/default/files/styles/big_202/public/feature/images/
138 KB
138 KB
Image
General
Full URL
https://img.thedailystar.net/sites/default/files/styles/big_202/public/feature/images/losing.jpg?itok=QmOS_u3Y&timestamp=1602685781
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
Apache /
Resource Hash
34e6602832df7b4d2bb900f69c061c5f9fe55518dfc1272ce598b2e92853a2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Nov 2021 20:09:07 GMT
Server
Apache
ETag
"22845-5d1f3035a7673"
Content-Type
image/jpeg
X-Iinfo
13-161209410-161209506 2NNN RT(1641528577489 322) q(0 0 0 -1) r(0 6) U18
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
141381
X-CDN
Imperva
raat_jaga_phul.jpg
img.thedailystar.net/bangla/sites/default/files/styles/medium_202/public/images/2022/01/07/
35 KB
36 KB
Image
General
Full URL
https://img.thedailystar.net/bangla/sites/default/files/styles/medium_202/public/images/2022/01/07/raat_jaga_phul.jpg
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.121.ip.incapdns.net
Software
Apache /
Resource Hash
0d6a90e2bfa1f23c03dbae7014b5b21ac6190b062bdd6fc5b21fcacb5c7eae01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 04:09:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Jan 2022 03:39:42 GMT
Server
Apache
ETag
"8cce-5d4f5bcc7f601"
Content-Type
image/jpeg
X-Iinfo
12-128154980-128155018 2NNN RT(1641528577490 322) q(0 0 0 -1) r(0 6) U18
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36046
X-CDN
Imperva
sdk.js
connect.facebook.net/en_US/
285 KB
80 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c34c3775a16a2432182d30997eaeefac
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a1f3af2b627d36c3d570c687715a16b0f438281fb352cc4aa557a0fb63b87f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.thedailystar.net/
Origin
https://www.thedailystar.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1w1zC0KZLdXDa/w164UryA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 07 Jan 2023 02:15:32 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82067
x-fb-rlafr
0
x-fb-debug
S16UvZnEXcf5mHHBv+tVeHcoWnpZXS5jPQLhF3XZAsxXXnQugm3y2NU7Gx5ygMJB1ibefPGGWLOSsi9n0I0IYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
1dbe95640147ee59ca298e4f9137e42a
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 04:09:38 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"221b1e1ada0b5714de6e1c490a5cc113"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2022010408.js
securepubads.g.doubleclick.net/gpt/
352 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
1fa69220188d732c02aae29fcdc0962d1cb62a8bdd6237779f89d17e4f74c041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121034
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:09:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 04:09:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
141 B
133 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thedailystar.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ec0b662d13333eaf3324de61d7248a0e961b2175fd2b2e81eb24ac5e19e39d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Fri, 07 Jan 2022 04:09:38 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59519741-1&cid=1683078313.1641528578&jid=29992095&_u=YGBAgEABAAAAAE~&z=1593179065
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59519741-1&cid=1683078313.1641528578&jid=29992095&_u=YGBAgEABAAAAAE~&z=1593179065
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
147.1581dc34512966c2ddb7.js
s7.addthis.com/static/
1 KB
917 B
Script
General
Full URL
https://s7.addthis.com/static/147.1581dc34512966c2ddb7.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
0f839003422e5fe9c2dfd0e43d629d2f33a379e98c1558a6f5b7f5ef5cdf99b8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-45e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 07 Jan 2022 04:09:38 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
677
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1470682543251344&ev=fb_page_view&dl=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&rl=&if=false&ts=1641528578212&sw=1600&sh=1200&at=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 04:09:38 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thedailystar.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thedailystar.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
103 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1942997965827401&correlator=13917145938170&output=ldjh&impl=fifs&eid=31063981&vrg=2022010408&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=34728570%2Cen_bottom_sticky_hover%2Cen_one_lead_banner%2Cpop_up_banner%2CNews_Details_After_2nd_Paragraph_ad&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1000x60%7C320x50%2C728x90%7C300x100%2C1x1%2C300x250&ists=2&prev_scp=type%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT%7Ctype%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT%7Ctype%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT%7Ctype%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT&cookie_enabled=1&bc=31&abxe=1&lmt=1641528578&dt=1641528578335&dlt=1641528577570&idt=734&frm=20&biw=1600&bih=1200&oid=2&adxs=300%2C436%2C0%2C320&adys=1200%2C15%2C2438%2C1294&adks=2845897327%2C572651809%2C2443861335%2C4267926081&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x0%7C1600x0%7C620x0&msz=1600x-1%7C1600x0%7C1600x0%7C620x0&ga_vid=1683078313.1641528578&ga_sid=1641528578&ga_hid=40932938&ga_fc=true&ga_wpids=UA-59519741-1&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
922304b29a3498a7d7ed4e0f37e7ac86919adcfd616ef58706f12b46749593bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19500
x-xss-protection
0
google-lineitem-id
5797206940,-1,-2,5185679436
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364059095,-1,-2,138376895100
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1942997965827401&correlator=13917145938170&output=ldjh&impl=fifs&eid=31063981&vrg=2022010408&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=34728570%2Cnews_details_middle_leaderboard_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=type%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT&cookie_enabled=1&bc=31&abxe=1&lmt=1641528578&dt=1641528578386&dlt=1641528577570&idt=734&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=1936&adks=4129203064&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&vis=1&dmc=8&scr_x=0&scr_y=0&psz=620x0&msz=620x0&ga_vid=1683078313.1641528578&ga_sid=1641528578&ga_hid=40932938&ga_fc=true&ga_wpids=UA-59519741-1&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f835873d962e7bba523cceced16d7f5189cc0b3240e098bb9a97d5754ac01415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16610
x-xss-protection
0
google-lineitem-id
5657272780
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365480782
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1942997965827401&correlator=13917145938170&output=ldjh&impl=fifs&eid=31063981&vrg=2022010408&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=34728570%2Cen_six_vertical_large&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x100&prev_scp=type%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT&cookie_enabled=1&bc=31&abxe=1&lmt=1641528578&dt=1641528578402&dlt=1641528577570&idt=734&frm=20&biw=1600&bih=1200&oid=2&adxs=165&adys=2025&adks=1159945097&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&vis=1&dmc=8&scr_x=0&scr_y=0&psz=930x0&msz=930x0&ga_vid=1683078313.1641528578&ga_sid=1641528578&ga_hid=40932938&ga_fc=true&ga_wpids=UA-59519741-1&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
476d203491d2bd6cebf34f805416c1eaa2fa359587750f2654f60aaa9925a33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16562
x-xss-protection
0
google-lineitem-id
5870296756
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376679168
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1942997965827401&correlator=13917145938170&output=ldjh&impl=fifs&eid=31063981&vrg=2022010408&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=34728570%2CNews_Detail_Right_Top_Rentangle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100%7C320x50&prev_scp=type%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT&cookie_enabled=1&bc=31&abxe=1&lmt=1641528578&dt=1641528578417&dlt=1641528577570&idt=734&frm=20&biw=1600&bih=1200&oid=2&adxs=1125&adys=248&adks=2006005718&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x0&msz=310x0&ga_vid=1683078313.1641528578&ga_sid=1641528578&ga_hid=40932938&ga_fc=true&ga_wpids=UA-59519741-1&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b52196801257a610b9019b2555326548b8f4971cf4f165359d3d48fb59396cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16780
x-xss-protection
0
google-lineitem-id
5060673356
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366625427
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1942997965827401&correlator=13917145938170&output=ldjh&impl=fifs&eid=31063981&vrg=2022010408&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=34728570%2CNews_detail_rightside_position_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=type%3Dnews%26nid%3D1977997%26category%3DSHOUT%26Category%3Dtype-node%2Cnode-1977997%2CSHOUT&cookie_enabled=1&bc=31&abxe=1&lmt=1641528578&dt=1641528578431&dlt=1641528577570&idt=734&frm=20&biw=1600&bih=1200&oid=2&adxs=1125&adys=248&adks=2486299796&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedailystar.net%2Fshout%2Fnews%2Ffooling-scammersinternet-justice-1977997&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x0&msz=310x0&ga_vid=1683078313.1641528578&ga_sid=1641528578&ga_hid=40932938&ga_fc=true&ga_wpids=UA-59519741-1&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
93cbd24495ede0288f537d396e0e6c2a26b042d8ed6fbd69d3c798d739936e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thedailystar.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F74A
6 KB
4 KB
Document
General
Full URL
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 04:09:38 GMT
expires
Sat, 07 Jan 2023 04:09:38 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame ADBF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS65pTOJD-aMeGSU3zZKq61nM5lRq0WfqhNFQ3uCGNvobbO6Y_SYJ5-023DolbJqXsoGKahcYw7GNXh6z0sB9WTaLAtkQEwtzUIs1iyKDv6FGya3LxD8ymGqio9-xby5DYznqtQ4QWpHBoPRIIffFo98GNLCGvBh5zJcmlz11ZiXa6_Ro7zj-Cd4dXzNOLQpOqMOtq8UMxCVDPK0m29wOHplSd130fihgqaWbBqLV8qZpTCv7Jdo_7LLBoXS8MhVfxcG6oo8ETrHQyOPBBVNTS4BaoIjo1eCl0IRHeyrezUWZ_vTAVuGG8Ky4yfxl-Iu0N8AY&sai=AMfl-YSD8WSByi5D9lAlaQsNNXS65QOWjvMnQgIqLpKVcyx6Q-SuHgLwAdDzJjS3ZRQkHDf3l-kHpu7AMZFgqxga498S0dszOtquqdE3xkSGzKbAGsTB7hCo0u0eTa_dyJ83&sig=Cg0ArKJSzDK4d4MXejfVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame ADBF
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:02:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame ADBF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADBF
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
12537690887401295683
tpc.googlesyndication.com/simgad/ Frame ADBF
226 KB
226 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12537690887401295683
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d404a106056879d889c1f9f42a965f9eecd8418d9a82a3c5f631754773c7cd30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 07:36:30 GMT
x-content-type-options
nosniff
age
73988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231046
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 06:04:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Jan 2023 07:36:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame B58C
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:02:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B58C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B58C
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
8340025019071352217
tpc.googlesyndication.com/simgad/ Frame B58C
99 KB
100 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8340025019071352217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cac80651c7b6bf095be62d4aad178deed1abdbf7fc909e97bcba5003bebc73a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 02:53:36 GMT
x-content-type-options
nosniff
age
177362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101691
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:57:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 02:53:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B58C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveSlMvK6zMS2yZ-0T8d2YUoMzqXMAa52x9aImggwpxcICGv5Dgv1orUFLcCOroFd1IJMabLY2PXQOiwcf7iL8s4v1Odg0Tu2eCC-uVGmk2ywoIDTFkUwJtsoYhV3hiyWMm3YJ23qLuhr-K-Zw2V0zCFRoCFh_7bkf41g9BkLk-ClQmyQKL77fEvweWhlRBisAqh7obdxT0ElMMwdR4eFEdUdIRGWsqynQH5OhUWCj4k7rCyHwOrK4ozfGOBim7eSQdDZWfPQ2MOF-jUhU_Bvckockjgn5ZRXa3z4vKRR-67QxQB-dWTWGKFo9LLxrwxkoRS8FQ032YhrTzzAvBcSSW-K9J2C8&sai=AMfl-YQS310_Y2wfkI8xV4rIoUEOvG2b9WXtN12CeFP_xNHhRGB9AJ2LFt9IiEjpyMNBXTKesKkpX54bF6Dl6mRyOvefeCZwRjXSbE3m2xuInahGArVptBsRwiUCRjHi_KZm&sig=Cg0ArKJSzLEyudy85HD0EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
/
www.facebook.com/tr/ Frame 620B
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thedailystar.net
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thedailystar.net
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Fri, 07 Jan 2022 04:09:38 GMT
container.html
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D74
6 KB
3 KB
Document
General
Full URL
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 04:09:38 GMT
expires
Sat, 07 Jan 2023 04:09:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame CA77
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyvuDNdB26LHhBh0SaiLSI_ArKwCPwiZE9OKpl6hCgGGNCSLezOQ-RXesHlhL7GEkoU-hpf1ydNSHSqbA0rj3CxEnQ_eZIp0-yV9XYeP44ghivib8itJgOvPtxn8gbbIXrs_3rZ-1gKegwp1jR_JmXnDX9XCCZMs8ymGkv64_r6U5g0GdTQwCFgZ7zWjdH-cq3DwUrz9AYEeFF4YcBrO2gND1w3mspa2CfR9g0Chh-TL6HIJExEI0anbieZ2RufUGNaU6NULs3hZ-AEZhYgungQ52156ysj1UTg9gohYb092c3n2PmeokBFSbvBRArXsS3imhbV8w8zGGCoUSxs5P6vQ&sai=AMfl-YQfowGO74xQqJVWHr4WsBUaBtXDO5tLvsrZuCx-pQr8vGNQ4xOmQneBzyCnbYMalFD6oYKWMLzcbT-Yp47fE1gOpm980KEGnTqWDR4_Zc7TiiJJMVySz4ZAScJziI4y&sig=Cg0ArKJSzJN74aEWNv90EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame CA77
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:02:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame CA77
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA77
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
l
www.google.com/ads/measurement/ Frame CA77
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl-dOxPsQu9hcEdg6gsUQzVyLvlokM2NXN2WHZmDd_RmGH3l33nFOnPNkOLYqyFDGvMBKM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

2945362256024853289
tpc.googlesyndication.com/simgad/ Frame CA77
47 KB
47 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2945362256024853289
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4895b2c573fbfa5598d6441372a3a56e15b5541459f8124fa6b41308825c9900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:25:52 GMT
x-content-type-options
nosniff
age
182626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48591
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 11:17:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 01:25:52 GMT
truncated
/ Frame ADBF
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58120389719db6ed2d9b42aa33e590e7561d7e23aa168ea269291f54fd85a2b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B58C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuimo0VoqTCDFX3KWHNpCzvemvhR9fi5ysvEAuR4jDw3F2f8D3d2hcMeUHSWJmGalnMY9VXUchE1YYF_Y38-DquaLnOp4ODQRUqWDDmwJ3xaP9D15FLHAlc82zJyk7ClzdolCXTeaEFY8FiXLn--z0dpV1hTQUWgvBN7b9bK9FGVf5mMTfhK0WTgZnwK7J8yPoEF0ZgxqMqiObDI8imMI0DgqXFynXFf7GeuHPXMptULbh34H86dXbbePwZuWJDmnNSc9vpw7UTG5DvzHMIecuMmUQq21lwrmaRUizZnosjKerpAopMw6EgcuGs5N0wMBWHJ4uTfAt1oQE0tPh1qG9P_mFlTnXZ8w&sai=AMfl-YT-9DMvbq8925578JOdYuRFBo7I8Kjm8zrQPQwVr33KGkLOaw8dq49LkHfAVVNY_WjY56lp7tGy-rdVPB9OYImAqS_cyDTWMN1bzfti1CS8tHL5tdTVnrWSQgHr4Ah3&sig=Cg0ArKJSzFxXvglNtoAUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
truncated
/ Frame B58C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145b5fc96421eb9a2c0b148cf27b5dd13ce95d49c53de74670c641d4a69c1a89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C8F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_n8IMJuwYsyvG0pmnnuhtIfJ-ElMH2R2_Uw_SFUWTRwzY9CzpXcDCPCwhGkOz_n6BeI87Ei_IKBcB9I7wwmEBmSw9vJNanWVHWYzhaV96aLnPXxS7NUcoqP6uZFSe_cmWmwDafMAX_ufa1AfQP7kkHY4xWAEzIYeGxywcHm0Hwk_g2X0R-6UwA3f_NGfieAbQtBwmVumeSJfj92bnM5KuwZ960neg2f0dLoYURp9gNWoyrQU-j1XIaeuc7JF2ccJc6lnn_TXLtttWYoJXF1G27Ltm_fh04QtBNopQMWecr4vYd5rtgAyvIwUcOclQev2qF-EJ&sai=AMfl-YRphIbsBJys2SQ4thpCFpyOiGBWxTa1Slp-Vj20pJLBm9oqc2kz0wzbL0Pavt_VN3VoYYsCD3-eULQl20pxj5bX_-cUUcG3AWZ2FEAoNGEJWnwYMRChm2YcwCr0BHd0&sig=Cg0ArKJSzJMzJLn5CwYFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 6C8F
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:02:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 6C8F
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C8F
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
l
www.google.com/ads/measurement/ Frame 6C8F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5FdgP2bVa7DbR8rsiOU2G3FHREUXPZwYRBagR8knjk7IJjRFAyoV9_ZWA1yglg0TbVVAM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

5641971169692989816
tpc.googlesyndication.com/simgad/ Frame 6C8F
56 KB
56 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5641971169692989816
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef8f24cedb59e0336efdfa9838562a5cb6cc9f93dbaa772df4338fcbe758eb0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:58:57 GMT
x-content-type-options
nosniff
age
126641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57694
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 04:09:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 16:58:57 GMT
container.html
1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6F4
6 KB
3 KB
Document
General
Full URL
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 04:09:38 GMT
expires
Sat, 07 Jan 2023 04:09:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame ED59
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7CVaEsFOm6Oo0nm7I13NaSv2mlGZwYyETeFoRJF_wrvQCddxflrHW3he6BfjRaviqtFrms2l0rGyp147C2d4l7Gp4elEkEawyXE0FQ28RQPX_reAUaR84pdNZPFHx2Nm74W6cGqXRtPlWl7hko6yxbhabqGx2GDLppdwkE3ex0nuTcUb3QfmiG48irbo_v6016YhGcZzkFOkg8fWOCu8BXiEUPI_1__AbUJwT21UDKbnYm4WauzIm-nSvpDLd-k_ud09ThEsCJlXiIX4E4oTZb3R85TSA0MaY5YolKXuLLq7Mou2ogDQM_LuiqPrE0qCGMtnZqWaomp3Ur9oKdOJ4myC0nyo&sai=AMfl-YQNj84ActmgHzKyxcgBm_zubliNaFLPS_jwV_TdSDVrxslHqgcZeWFpAEaNQXgxjfY5yzhOU-Jfmm7CR5JNVG2gluFnQ-LVBwZot9JjYLQe1_VM0v6bOKq7AwbU0ir4&sig=Cg0ArKJSzMmXBZdBrSgSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame ED59
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:02:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame ED59
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED59
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
15615824849857122223
tpc.googlesyndication.com/simgad/ Frame ED59
552 KB
552 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15615824849857122223
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff70bdf36f985a7cd1c5b8e67f161868c00ea0d31b4edd8ea558fa1f6bff6d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 07:18:50 GMT
x-content-type-options
nosniff
age
420648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
565486
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 07:02:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Jan 2023 07:18:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ADBF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhAJSX8XftFs_3X3CJ-ttOOytFck7-2cjWVlgFeGn8hwVQ6Ecjgxywgs3moysR-LeCZq9jA0AGvTMv_t-KCEEf5Pd_IP4SAGtRcStyrTjSc-_KKgFJu-wmEvcPjROpj9ZeOGRdamscGmqGNOGzI7TafDxJ8LjfxVozsbhkM-nctMrp125PVBIKsUHilU228_TfmzyRQLCpQNqO1ZVWhZjOCrjXHp5tztqPpWm-F7LZ-jj0Y5AjZtyILpk4SwGBU-pefbElGLSmLrbZ8vQYZOKVoIgBxaF4Wib-w_uAqfj4UUqvgL_-_J-Gl1sQasBeadZSaLk6Mw&sai=AMfl-YSB8LHRu2RDyBjgj-XaimLbpwwkKg9PePpdSIxQWICL5yqGh0FkgfI5kYH8Yvf4a0X02suRWvkGwaQEbMwxsaxiUCp_ZfKEeTS6YKcaymwy5WeybL6mQm-vutQrKwaM&sig=Cg0ArKJSzKPAwEc5fH0wEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5D74
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CD6gAAr3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTGAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FRvKD3JRwchLwPNBi7jxoz8f5om5VCNkVxmQWk2yhq6FnXfdJrkC4AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTAxNzA1NjUzMzI2MTQyOBiiuBs&sigh=SajTLbHxAcs&uach_m=[UACH]&cid=CAQSPwCNIrLMdqY0SIcxLUmHlvbQFu9eMnrHwJQoe0VXCmvfsAWP1H_Ki1g2Ej8rwGVN0yA_CFMzY9ZPJ8TrsH8-UhgB
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5D74
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U8DUEd2BMKwC-gGdg2ICAgAAAD93SFqGGDAycNRne96NXYsQAr3XYQB4BJRwGHyv6hvXABI&wp=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
server
Kestrel
server-processing-duration-in-ticks
211646
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1FBA
158 KB
50 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cfc194c2b5bdcbc7de2585d42ec3c1ef216f8af3c68729d6f18804761a1319dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vn2-qc9r7a_MPcBvCqIvFFxjlwG8cFmrHKLv_KBeFd_RmbyJRU0AbtHM6chwato0KipkFtv76wcgSScVIHyhhcK2H-kUDukxJGzcqi72w21Z5yVu4nkiMwHpvWi-AW8nfdEMMhRhKs7vKMYuBqBfHoyJ5hH-s0amstfE7X0Te00Y6JQy9uNAjwRDw8tofQoyjeS7GxBCAOiYyVcdYNaLlA1YltL4phpXeE3aZvtlY9NfsC05zOVno8_yDZ7ZwIfDdMiUqw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
80567927
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 5D74
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D74
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 5D74
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:04:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5D74
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 19:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 19:46:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CA77
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTuiXT7ZHSjBd3tUXCNoEvt8Ej3VunT2s2w2JTxxsSDo5rnyGt4toq-rP5vMcbF8t4rbDIfT_wJKqO7Vy8fd2egJ9yARXbFlLgADuTwTbi14-7RTaTHL128twJm0ergecRz6hbyEr7wXw2xT1gHkS_MmblB_4wIr9OHJUs8Z33Svyo0PfY2S793Fp9VdYGGUmhsvNkEw4KA22mRVAEQLpKlWICCvnFN8nMpGb_Ri0N3WoJkjFadpb0Tis768jIkE61giPf3-8ZRbwNuK5NL0tnMf2vLl-WjwAJgJOlxBcmk0vHzAGj7LzGRVOaA_YBgQSnCeSSWFbj-9PK-UY6bYzB8umM&sai=AMfl-YS5_dwh_99L0ZWRq90tL9e6leDgbtVTpj9Whbo8Gy2-zEfJiDI6n4jwLwjLZpB2tLETAnIBjWu4vpDLyITHEnVkbPRm3senTD_ANw1WreJKgj9KzRFBByhBcRksPm0h&sig=Cg0ArKJSzBpedC_wekitEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
truncated
/ Frame CA77
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb1160602c44c91d4d3f78f40798e8b036320e13f3b6228e5b2ea6ea73c7afb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame E6F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnWPlAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS0Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQQHHhpaYXc1lE7u2g5AbuMRsgubjaYxR5Y-PN6dLTu8TVY4zYm-p4AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTAxNzA1NjUzMzI2MTQyOBiiuBs&sigh=jtjwuFzfr3c&uach_m=[UACH]&cid=CAQSPwCNIrLMrCkgSoMbcK7rPuE6rX2rgOJ7tQw7D1pz_vQ2AzMXg-5cw63e17uZ8rkVtu4Ep3KZLMsiRwMBfGmOyhgB
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame E6F4
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U8DUEd6BMNgFWp2DYgICAAAAUyNR3_cBtfdw1Gd73o1dixACvddhuyQttkJdgblT01sAEg&wp=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g
Requested by
Host: www.thedailystar.net
URL: https://www.thedailystar.net/shout/news/fooling-scammersinternet-justice-1977997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
server
Kestrel
server-processing-duration-in-ticks
276246
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4F61
157 KB
48 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
35489e0c94e5bba3a60e14f62ea89c61ba667fb0913db486a16ce1cde5834f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oOhh9s9r7a_MPcBvoXC-StxcZPGlDlKNdDjZDi9HgOKoGaexp2RsML_amByvAaGrCwufZWtQ6eOb6PIxg0oCN6Ghd8hZZklaAHvT9vYlGLR0aneA-YJtkwK1zqX1lXKJqgDamruAhXLeLkFsJ-HJgSDbR9mdBAHBN2RSoscQO8RLX38p9rnRTJjDQyws-vBQuREjDYYiQQYXXvVrjuzl3FTVuPP9f43qd9Y7I4Y3xsf-g7CIyQ_S6SVUNxEg6OkzlXjbFg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
68587524
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame E6F4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6F4
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame E6F4
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:04:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E6F4
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
URL: https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 19:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 19:46:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6C8F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9_gd035yQ_urk1w_Wcx008xm_3bsE1vIhfvZKpWkBss_wygU-d5KWTR3NTYDQHVhYrRvEhowRwUlClfSn0sUl7xUGDxm3DPV1Eij5THd8BlaZcYRIvhh6nR_w6qLqrTtMe-X6p4Wl5zOuwngIce4drt6gw2uCzn_J2U7RvJNw7DCOWgv0DriCjxlc2FHEDRJ_9dpwlx2tpjF70yoiFubLohbUDAtwuLvOXD-zChsW8x07oMTfeaal_wg0aizqJM1NV4i5kpPTeyFvfH8pBktVebXgqbzjySZrKTWIsPiuJM3xEKVPC6N_TlFKqKGPHrEy8y4jswQ&sai=AMfl-YQjZTMbtLw8Z_bxFKxD9OJbjwaSs8JnPs6_xZvgw-0tITuN4_wLh5HAQuGwV8hWOYAashIjl3z3e21GIO0RcwC8q67hdXMMfx5_Y2siEjLrxm9DS_eM_9dDE90UrNgO&sig=Cg0ArKJSzG2qiS-VCh9tEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
truncated
/ Frame 6C8F
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c45e81ad896196f59cd468f77fdc0461ea8dfdb3d37171882978ee003aef4bed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ED59
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuec8wM5QFp5DwOb5JYA9qk54XOs70cFfh7-a9XMKAoU3TgUCDjILhbJ8WC05BQ2YLp_RuFB2jMNdxmN7LvKF5-p5n6POncF8vavz43E3NzOXtPkakcUspeGoSVyudMcC1223vYw3bDMCJcbOo42eASeaysIAqaOH0UGzOTHZFtVbARV_5Tl1Fovu6M3A_IGBJubE7tWLqymqKNlIwiQVglETBAVUVCxKAJ4JxbrIadsPmKxVVoLEAOEhPS9mvVRirww9a-IVpc1tSQuci_AyOUDtIjLst5h4uUku8Gb718zZus1_DjySs2u6c9ILo6HtbexkQc7algA1ikNz0iHLyGY0HuoKReiw&sai=AMfl-YR8Bub1wbTrFL_BqkXad1ydRkiPWw2sXXsuyhoWyHWXKxZFMGqgJWg66kQuFWScg7Im5100wfVkrxuaI5NGtxGpj7ZpR83qJs2YxIUugI3S4-vLCO_SFNnFBXJJ7UAg&sig=Cg0ArKJSzFqkqXq6dC4yEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 07 Jan 2022 04:09:38 GMT
truncated
/ Frame ED59
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0abb6f712bb7adbc8a591b5f55d3206e41a338ea50161592b0fb1959d80db688

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5D74
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79ac5cb3a26ae275bf8b4a2410362983a84e7e7010791e7fe8810f19f95dd614

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E6F4
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3e11f92bbff59d805a1df3c7e88264cac22798e562cfc0581b0d2d49da310e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1FBA
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1FBA
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1FBA
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 02 Jan 2023 04:09:39 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1FBA
507 B
835 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 02 Jan 2023 04:09:39 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 1FBA
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ibsjzCdT-CWD74bROCY9dPLPwmghbUx6Z9bq_ydeLxH0Dt17FKh6Ehs1N3xP05HDufPprXxkYpYkgvmnK6fu63aT-YKLb9CRENXI1TiXU4F86xORjZW0Nn2gIXEbS3ulYp9WfT8ddmlUbzWuIdNA27dZ6x4oR9KdPJpe3NVbIdPcqTefD4Wr0Sh2qs6csy2UgBcNmexb6FdwxSx5u5yVTWyutIAoSA2sCu1wRkMbkHSwkmvzXY7lZFV2togOk6GDA9o-WKst-_xPIQkbQJDCdXAITOVsH9KyOzRnrjVnFgV41PEuYwtFFNx2GSPcBzvC8OIBVoJg1MYK57D8W1kTOH_0E_YWBaCQZZ4MSJXsdN4_txOoztPgI5qOPA2zoljXhdf-gXf1dIxAWg_PLXGCyLNMFHN9LRo1wX_ZH8yHK5nuaB5xYc1lWF9XwNlvM8hUZNu1Zw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3467604
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1FBA
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3049467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylecvBmNb3gUTlTG8RArHa%2FfN%2BZi5X43t29%2FYCNgKE8LR3sRQhyqXJvXHZC4%2FgSnr%2B657qTUyTU3yY0im%2BNOVBtRuFpTP87HJejoUrADL8r6ZV2Z6J%2FhyRN79%2ByoTURq2JkQ%2BDhKN4ekoxcLl9Vz9YMD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c9a54f33f095c14-FRA
x-cache-tag
abcd1234
expires
Wed, 28 Dec 2022 04:09:39 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4F61
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4F61
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4F61
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 02 Jan 2023 04:09:39 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4F61
507 B
835 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 02 Jan 2023 04:09:39 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 4F61
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=CBIP8efTF3YkQoiFUfgYxR3XwtRe7ANYUpkWAoKOjcBDNfTsfhyQoZU5y6h-JiL8dk6hmVs2hzub5hC8OxdRtsIT7kSKraZco1881ODHNfei_5xPBpoNGVmXgBG8MC2Va3izEb3eH4HKLs4Z_KtKn0831zy0Xn2nwLat8poAeSl6qEa-Cir27kY7XLmS9VnGmtUPA8kRM313-DPZHkWRDJJ3WJhl7A8-p2DzXPaneoq25rnaeZ84E9RHAJPyGsjWhSXd3QkUf2eVDvOVnrsdJSN2gQA_pRQq4P_ZUNb45h6shGVN0ueO0_aVHRlhYERN4zh5Nwt-wVDnVbi9xhVm4rvB4So1Wra7klJNlKc0qFboG1rnvfZGA43uiQ7LCLFO3AxRflCf5fsCa69cLigNEHNukqaWlknMBk51EIWj5RwEsfWWHbQ5qhnI5dXiLWm3NH3FVQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3268359
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 1FBA
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
img
pix.eu.criteo.net/img/ Frame 1FBA
15 KB
16 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=596&s=miC8Zn4JRxHUESZaRtP_qXtO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b09b4568e6d05c7d8721203cf78dd283559194f22f72159d381b4e0a12c81641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 10:38:16 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1445482
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=28775783
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
15757
expires
Sat, 19 Nov 2022 11:54:39 GMT
img
pix.eu.criteo.net/img/ Frame 1FBA
69 KB
69 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328729
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70472
expires
Thu, 22 Dec 2022 19:04:08 GMT
img
pix.eu.criteo.net/img/ Frame 1FBA
66 KB
66 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:06:02 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328615
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535963
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:05:26 GMT
all
csm.eu.criteo.net/ Frame 1FBA
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vn2-qc9r7a_MPcBvCqIvFFxjlwG8cFmrHKLv_KBeFd_RmbyJRU0AbtHM6chwato0KipkFtv76wcgSScVIHyhhcK2H-kUDukxJGzcqi72w21Z5yVu4nkiMwHpvWi-AW8nfdEMMhRhKs7vKMYuBqBfHoyJ5hH-s0amstfE7X0Te00Y6JQy9uNAjwRDw8tofQoyjeS7GxBCAOiYyVcdYNaLlA1YltL4phpXeE3aZvtlY9NfsC05zOVno8_yDZ7ZwIfDdMiUqw&sds=2&rev=80076&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 07 Jan 2022 04:09:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1FBA
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1FBA
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4F61
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3049467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL79%2BcAhVzR4O4aosoB%2F%2BLPTsbpxkCalJS6o0wWb9aN6fCHfJmhBZcqZzRwxOGKbOUkWxlHvH%2F4Nr%2FO370mbF5%2BDw9vXVAvlCs5l3aw%2FjCzNW0pUCYIWvRT4%2BUXFOXycy76ZQ8YqiSTFepPFyMdyruTE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c9a54f37f655c14-FRA
x-cache-tag
abcd1234
expires
Wed, 28 Dec 2022 04:09:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 4F61
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
15 KB
16 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=256&s=8MKqTj-u2M2J8Oy59yVmxgR-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b09b4568e6d05c7d8721203cf78dd283559194f22f72159d381b4e0a12c81641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:48:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
123660
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=30134928
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
15757
expires
Tue, 20 Dec 2022 12:37:27 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
74 KB
74 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1589587-_x600-nocrop.jpg&v=3&w=800&s=mtJWFbKzygSAKlTsgd_tmzrE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
10ba04dd2307ff746994774973da29c3aa184f5d885dd102bec2f105fdb06fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328697
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535985
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
75404
expires
Thu, 22 Dec 2022 19:04:26 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
66 KB
66 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=800&s=KoUUKAWq2H4WAfcVueGNhS0k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:14:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328080
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535428
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:05:26 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
35 KB
35 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1185170-_x600-nocrop.jpg&v=3&w=800&s=CtdGJvcp5_NFxoH6kfKb35yH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
18175281dd4a8f377e4f51d4f455b8e41afae0a739c7a9f280f44b507afcf6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:48:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
123660
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=30330940
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
35336
expires
Thu, 22 Dec 2022 19:04:19 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
48 KB
49 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1191703-_x600-nocrop.jpg&v=3&w=800&s=P6XITRNjqpqZom03c1FaJWZD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b9c75075515f40791aeca058e3b879e0d82da4406a6a5a78f2de33e4ac92047f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 00:33:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
444991
vary
Origin
x-cache
hit cached
content-type
image/jpeg
cache-control
public, max-age=30652361
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
49428
expires
Thu, 22 Dec 2022 19:05:49 GMT
all
csm.eu.criteo.net/ Frame 4F61
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oOhh9s9r7a_MPcBvoXC-StxcZPGlDlKNdDjZDi9HgOKoGaexp2RsML_amByvAaGrCwufZWtQ6eOb6PIxg0oCN6Ghd8hZZklaAHvT9vYlGLR0aneA-YJtkwK1zqX1lXKJqgDamruAhXLeLkFsJ-HJgSDbR9mdBAHBN2RSoscQO8RLX38p9rnRTJjDQyws-vBQuREjDYYiQQYXXvVrjuzl3FTVuPP9f43qd9Y7I4Y3xsf-g7CIyQ_S6SVUNxEg6OkzlXjbFg&sds=2&rev=79985.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 07 Jan 2022 04:09:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4F61
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4F61
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Jan 2023 04:09:39 GMT
css
fonts.googleapis.com/ Frame 1FBA
2 KB
507 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 04:09:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 04:09:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 04:09:39 GMT
css
fonts.googleapis.com/ Frame 4F61
2 KB
507 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 04:01:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 04:09:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 04:09:39 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 4F61
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:17:17 GMT
x-content-type-options
nosniff
age
283942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 21:17:17 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 1FBA
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:17:17 GMT
x-content-type-options
nosniff
age
283942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 21:17:17 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 1FBA
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:03:04 GMT
x-content-type-options
nosniff
age
223595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:03:04 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 4F61
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:03:04 GMT
x-content-type-options
nosniff
age
223595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:03:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010408&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54c693f74b0f424d1d235e2575eee186254d744aba38fb1ab52135f581c8d19e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010408.js?31063981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 04:09:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9F1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 06 Jan 2022 21:07:32 GMT
expires
Fri, 06 Jan 2023 21:07:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5281
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
636a2d953f3deb5b9990ad7551f3288293dbe59af1cdcd462cd5cce86fd0dd90
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ft6V4kvouM6D4SY6HtJ4ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 07 Jan 2022 04:09:39 GMT
date
Fri, 07 Jan 2022 04:09:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ft6V4kvouM6D4SY6HtJ4ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
pagead2.googlesyndication.com/bg/ Frame C9F1
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 16:15:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
42820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13406
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 16:15:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5281
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010408&jk=1942997965827401&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010408&jk=1942997965827401&bg=!3t2l3ZnNAAbDtiZlw7Y7ACkAdvg8Wr-yU9jLKyL8s2csW1F3VswWDmiWCuBGIb4_u-4QCZBlrHCNfgIAAABYUgAAAA1oAQcKAChLK8lHRPzSRE_RUtje-ICBGbNFvyOu-2_0C1lzB3dJ6Fz8Fn5IlptCmQKIUe75bEOg_K0Z1LiqIUQDxhIAZvNyQCZVNIdPKmj_pS1ig2OlGQgbzL6sj3tok2ldRPW8nPCJ2wDt1E_M6Dvdcfd0MVTQaivRIMU_dyqeXGS8d6UqhQ6TLbiVhIfOm6xsYQwzJvnxzw_0ThMEfn7Z0jDFJ069qjPwxXZAX0RyvNQznwMIrV83ckrf295RoZ0ox8GpvAhTdwo76otmf-zAewmyxj75UEmD4cERnmRAVUVs3pgR5f8pCl7DNjvGeoLCymxX7nSnW4kj42S1FuHOQ2WfC3Hj1aFCyyXYnW-yu-t9JXobg_UFicYKfBsCRxfBoGSiflBVd-4MQ07nQInbheSXd75EMOeTRYAQiTdN-solqmCviT4yHLW7RZ_TkhTg5NviBV5s3xst_-zTMip3VYYKzbb6bcXU0Pwzd_OmXAgXRl3CeZUTvOwEbvEKZYEIDRcBovMS0jO6qWi2XwvX2J0F2EWfEFGKMh-Dy4paX89k21HV7XuVYR-n3PiWzB_HEVCgWMBkYeyaNgZGuBc7q2yIOULWQJ5SBXWosLFk8M_YaCIBZCIMnW5Xcaj7IQE2V5pIrdjSZKm021yKUvS9faIbiNqQGiCSoR7uvvD5q7b218q83BlHOPIJ5NOJkDZabPsRk8m0X-8bKklucRYC8DtKS10sTI2vZCNRsW44WQCK-8_59DPp-PUV4awO_s2VkGDR3NKREy-_IMfoP0ExfmTCTpLDuadyD6NT6vvmPdU_ZtPCbOi7LlPLE2qt6SSQCZqZJJ-KQiGtsIHrxR3Elt_VN6XFxZ5dTeCtaFN4eC5iQAe7KN-iNN4154JrfF7bQW9l1Tx3cNIBNP4S2pgbuxX7un8Xg5YC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CA77
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubHnbzy0N0DZ6R4KwbKo8D6id4jPHNp7NUEUgTEOVGbCS4qzZahALDaIx0lt7agWrctGe9_9nr9hWMMG6kYQfLUiktEOWLOJZo9b2qgKbc_1ygJPDB&sig=Cg0ArKJSzFnhCMt4zvygEAE&id=lidar2&mcvt=1000&p=318,1130,568,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2006005718&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641528578759&rpt=146&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C8F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSvh4KU3Nr2ut34omc5cwuT3kB1QfPob2LgTDse6g4hFHJLI9qNYu6TRN3yCCMmUdcvrdt1bB7rspYpB-RHOKa6jnKXhWFPtnV-Ub0AnTJo9CXEtUJ&sig=Cg0ArKJSzCdurJAbXEmNEAE&id=lidar2&mcvt=1000&p=1140,300,1200,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2845897327&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641528578845&rpt=99&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thedailystar.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D74
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7-dV0-OyTC_cp16wiQ7W5JWzsfGPRF-Cs9DrHL0pEDSCtmDsrSfMcdFrtsWrCfESR3D_APg5MA3jTHHsQFKkd&sig=Cg0ArKJSzNZK20kFVhjFEAE&id=lidar2&mcvt=1000&p=588,1130,838,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2486299796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641528578740&rpt=244&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E6F4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEfhC3ftKH3z3oESz66FC0AArlALb39mARQFSp1gjrnM850a6MkNHK0-9cK0m_Zk52WzJyLuWjaiqJYCQzOJBL&sig=Cg0ArKJSzLdi506c8Lc7EAE&id=lidar2&mcvt=1000&p=15,436,105,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=572651809&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641528578851&rpt=164&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 04:09:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 1FBA
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vn2-qc9r7a_MPcBvCqIvFFxjlwG8cFmrHKLv_KBeFd_RmbyJRU0AbtHM6chwato0KipkFtv76wcgSScVIHyhhcK2H-kUDukxJGzcqi72w21Z5yVu4nkiMwHpvWi-AW8nfdEMMhRhKs7vKMYuBqBfHoyJ5hH-s0amstfE7X0Te00Y6JQy9uNAjwRDw8tofQoyjeS7GxBCAOiYyVcdYNaLlA1YltL4phpXeE3aZvtlY9NfsC05zOVno8_yDZ7ZwIfDdMiUqw&sds=2&rev=80076&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAHk1wK4FHaAAHp7Kbd07d9B5E5AYGnSg&u=%7CRvE5V9mAiTLnxuGBRXOHWK61vTqK%2FA3Q%2F6Hkp6dTBOQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2QKiI0Jg3g86PgOGRgROWHqjLSkOlQ0MQ1-1VS4TvIj2OudFw-G_ZYyUrZ4joECdBSd4o2Q4raRNMGhmWb-ws5BL8orVXe-aXddI9YPF-lI1_HJXsOE9t_07ju7LW6sw05jzpid6Mpcba-nEO9BbmzUshHQMDphA0H0bcMzjzHAn4PhBNv8J3YUUnbg1Hj4oyrs6N_oAcsdtReMBC1mlZtV5lZTCWxsiCGeEnLyC_BBCFweTh7ijq5DcHvfI076765hwJQnpyckZmRUMpziEmG_Zll6tSF11F9n5ABELhLWVYhBfOIDGY8IU72kDWvPV0tL5AHsMqzB_lDhiFjM84ZoIRe00MwwVkSvQuOMl1lgbsd8UWGQDbIyVr9LievdCQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6SM5Ar3XYdymHtqjgQfs04eQCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAn3D1gNt87I-4AIAqAMBqgTJAk_QMghDs0KcMQfU1jRwZ2Jw5CPL6hS5v1U0Xpcue0iN-0H9ycD-DNHjYMD0cUQcyFqPelBgQAhvogO1t-BX_z2x9aojYjsyVWXJVm2dWwMBgWcLUjmUzQhRA_uyRDnMGBdMBKdkOogb2L4N63z5RzEWY3O4nlySwjyImagUgxSjML49eukBKliy4BQxi2H9vsih9rAMHjmnWRTvHHmOeteMkqjTuRgIuoXzvBMVjT2YGC9lngQEwb1-okO3EQnES0bTksZ7g6lljK5M9H1I5UaZkrrprMu1cWplnmWrBbLHd5AiZLVoIecmVM9QFBzGL7AUgc513hHDFB8hI3s687CgS1hegYgxPK58kF37Sgctg9KYk1oa4mjjgObpV4k9FVnILuDWTlRYf29VKGjMBccW8oMPXg181a1YZ-tAObCphfJ3oqq9ZPK34AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3nzsArWxvtSGqsormKAb1i-A1-iQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 07 Jan 2022 04:09:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 4F61
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oOhh9s9r7a_MPcBvoXC-StxcZPGlDlKNdDjZDi9HgOKoGaexp2RsML_amByvAaGrCwufZWtQ6eOb6PIxg0oCN6Ghd8hZZklaAHvT9vYlGLR0aneA-YJtkwK1zqX1lXKJqgDamruAhXLeLkFsJ-HJgSDbR9mdBAHBN2RSoscQO8RLX38p9rnRTJjDQyws-vBQuREjDYYiQQYXXvVrjuzl3FTVuPP9f43qd9Y7I4Y3xsf-g7CIyQ_S6SVUNxEg6OkzlXjbFg&sds=2&rev=79985.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yde9AgAKEVMKe4NFAA-ikkGXk-WQ84nPZ65N0g&u=%7CRvE5V9mAiTJg9OYWKTmgf1K4fOIGx3l%2B4U08I5X8ZIM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdJHTWVoJr9RGjCINpa95qU82B5Bl9BFxjrfaRVkEolEG3w76LwhSURyfX0TxRy-I7lsrtirWnGnpRT3-Sy49wPB9zxw54rigbunfWTXJ58u3u_RyWeA5wggTdWR3I1slmWO__c04ps1nYL1R_gxaLsh46b_pcswV6ubnR0IZUuVBGm2JUZ15dYGMk8wvRvS4ctHbuqKBy_EV0GVIAZXVeyUHhJJd7JKT3xzCceeY3OgMIRImJtAVRBrlj2t1v34gDgRxk5Vu31IjCoCbgzGtnUqmQZNgc8AVL-HmCCnrUhVJmjrmothcbL6A1gkmOS-buIXBY0oceD_hIF_D_HuOiNFIHlrxG55NvZNDGoaqVn3wZ8TmP9xBrb8O1My1VYaUTSjbXNnGWDSu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsoYUAr3XYdOiKMWG7gOSxb7wC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxNzA1NjUzMzI2MTQyOKAB1bbS6gPIAQmpAqXCW3s_9LI-4AIAqAMBqgS3Ak_QUDOEdKScwAhLwT6tASn6mSNjSplZ0vOFl__X9y3tXGRr6p4ygo8MNQ4cQAOKRiWP2iHcaVwghTXYBJLaODd7lf3AVawZwxLhFhITEJEczjuIvVcRXuohcY5YAgnot1NnGM1-E1eRWbNg86ivVZOu5jGJl_9J5RLGwDxQqPcwYtMoaHHfGRRnpXPVg4SlXIxTf0sBJ5pywn4CHNu096kCOvvRFmeC8fPu3dDHVpRby1UqAu0mPAwfCxZj9sboewSgiTWXnucYqz-EHgpm-fVnedHjCshGfosawouTkVuGelhWdVrfz4kKVvrqOW5H1pREQ6hvBgdS3ZwP7eRHVJxNSQT-dl03PeBWkV2pQUPFpwQf0lF2rCeiIEAmHjxlluxVY6JJZztHCgG58fE_TQuZ5nwWEQQ44AQBgAbDnuSTksGkk6MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uBslijQJNd9roLx4DN-_ML2vcKQ%26client%3Dca-pub-1017056533261428%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 07 Jan 2022 04:09:39 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
img
pix.eu.criteo.net/img/ Frame 1FBA
69 KB
69 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328732
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70472
expires
Thu, 22 Dec 2022 19:04:08 GMT
img
pix.eu.criteo.net/img/ Frame 4F61
74 KB
74 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1589587-_x600-nocrop.jpg&v=3&w=800&s=mtJWFbKzygSAKlTsgd_tmzrE&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
10ba04dd2307ff746994774973da29c3aa184f5d885dd102bec2f105fdb06fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
1328700
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535985
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
75404
expires
Thu, 22 Dec 2022 19:04:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onsecuritypolicyviolation object| onslotchange object| _atrk_opts function| fbq function| _fbq string| google_analytics_uacct string| GoogleAnalyticsObject function| ga function| advagg_mod_1 function| advagg_mod_1_check function| advagg_mod_2 function| advagg_mod_2_check function| advagg_mod_3 function| advagg_mod_3_check function| advagg_mod_4 function| advagg_mod_4_check function| atrk boolean| _atrk_fired undefined| $ function| jQuery function| advagg_mod_5 function| advagg_mod_5_check function| Waypoint object| Drupal object| lazySizesConfig object| lazySizes object| imageRatio object| rsiDfpLoader object| whatInput object| Foundation object| CoreUtils object| Box function| onImagesLoaded object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default object| dfp_slots object| googletag function| advagg_mod_defer_1 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| checkForDOMChange function| getCSS function| stickyFooter object| picturefillCFG function| picturefill object| rsiScroller function| fbAsyncInit object| addthis_share object| addthis_config object| $marquee string| waypointContextKey function| reInitLightGallery object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __@@##MUH object| FB object| ggeac object| google_js_reporting_queue object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len undefined| google_measure_js_timing string| slot object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

19 Cookies

Domain/Path Name / Value
.thedailystar.net/ Name: nlbi_114987
Value: mAiYbZyQmBwHx3aL6QmXtgAAAABYurFCn7rH0VhTNhIYMN5T
.thedailystar.net/ Name: visid_incap_114987
Value: /VLQv7rGQgGAPmLeIlfRhP+812EAAAAAQUIPAAAAAADfmCMwmyREeirDC9fYfMKd
.thedailystar.net/ Name: incap_ses_875_114987
Value: wEloSNmkviDlHL4SKqAkDAC912EAAAAANhsl482CvPNw9L+eKRMEzQ==
.thedailystar.net/ Name: visid_incap_2644695
Value: BExiqM/WQfSNoyae7VvGXQG912EAAAAAQUIPAAAAAAB6uFL7lZBisxH6H8aRhzHh
.thedailystar.net/ Name: incap_ses_8219_2644695
Value: ZqqAXMfk1ApdzdcQQcEPcgG912EAAAAA+ZZ4uDoinFf7UgozkI8+Bg==
.thedailystar.net/ Name: __asc
Value: 3fcc7d1f17e32ba4f3fa5439a3f
.thedailystar.net/ Name: __auc
Value: 3fcc7d1f17e32ba4f3fa5439a3f
www.thedailystar.net/ Name: has_js
Value: 1
www.thedailystar.net/ Name: __atuvc
Value: 1%7C1
www.thedailystar.net/ Name: __atuvs
Value: 61d7bd017c12fdb6000
.thedailystar.net/ Name: _ga
Value: GA1.2.1683078313.1641528578
.thedailystar.net/ Name: _gid
Value: GA1.2.1121597369.1641528578
.thedailystar.net/ Name: _gat
Value: 1
.thedailystar.net/ Name: _fbp
Value: fb.1.1641528578088.2142128714
.addthis.com/ Name: uvc
Value: 1%7C1
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjk0MTkwMjAwNTAwMDBDSA==
.doubleclick.net/ Name: IDE
Value: AHWqTUmb5Dm4bqAQC2a-LSWSn4SLL_kqcTvQ3SInQcfNruTt2vp0zzqJqPlD1VGwZXw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.thedailystar.net/ Name: __gads
Value: ID=859780b37ab65b8e-22f3bd7c17cd0090:T=1641528578:S=ALNI_MYW5z6u8ZYglUfoj4YCuvFnffTgxA

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b9d4d9fc049fd92ecc0e5ca201cff78.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
img.thedailystar.net
m.addthis.com
pagead2.googlesyndication.com
pix.eu.criteo.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s7.addthis.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.thedailystar.net
z.moatads.com
s7.addthis.com
104.75.88.126
107.154.80.121
142.250.186.130
143.204.98.17
143.204.98.34
178.250.2.135
178.250.2.148
178.250.2.150
2.18.235.40
2606:4700::6810:125e
2606:4700::6810:5714
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:e980:5a::79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.136.15.54
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
065017485a89b7bce378e84d4b8cfb7c844c0bd4f8521c2523f444f9a57bc59d
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0abb6f712bb7adbc8a591b5f55d3206e41a338ea50161592b0fb1959d80db688
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d50ed47c1f594367d5edcfd4029b9af4093587e89fb01c2f431ac71240cc565
0d6a90e2bfa1f23c03dbae7014b5b21ac6190b062bdd6fc5b21fcacb5c7eae01
0f839003422e5fe9c2dfd0e43d629d2f33a379e98c1558a6f5b7f5ef5cdf99b8
0f9a9d837264a9eebadbbbe14f59c2a23c67234396e808561e2cbe7506e70ed7
10ba04dd2307ff746994774973da29c3aa184f5d885dd102bec2f105fdb06fc8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145b5fc96421eb9a2c0b148cf27b5dd13ce95d49c53de74670c641d4a69c1a89
16bc11c77462618278bd375e4d9d199270cd40f24f68ef68b089503920be1b48
18175281dd4a8f377e4f51d4f455b8e41afae0a739c7a9f280f44b507afcf6fe
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1fa69220188d732c02aae29fcdc0962d1cb62a8bdd6237779f89d17e4f74c041
23b9b39ea61308052256b9921bf1c0de6698bcf0c04e3e4f2978adc86168ff6e
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
264d14a28b855f3aed8e4320d2ddce810a4419173367317622fd1bc5d2870af7
2a1f3af2b627d36c3d570c687715a16b0f438281fb352cc4aa557a0fb63b87f8
34e6602832df7b4d2bb900f69c061c5f9fe55518dfc1272ce598b2e92853a2dc
35489e0c94e5bba3a60e14f62ea89c61ba667fb0913db486a16ce1cde5834f7d
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3b8f945bd8f37ee8e02a8c21fa9468a896fc23ac99c8f068576f92403a2403af
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
476d203491d2bd6cebf34f805416c1eaa2fa359587750f2654f60aaa9925a33a
4895b2c573fbfa5598d6441372a3a56e15b5541459f8124fa6b41308825c9900
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518bb6cce30e70a06e060ae7486feb336baf05441e075fa4bb35f5f3f3a1360d
54c693f74b0f424d1d235e2575eee186254d744aba38fb1ab52135f581c8d19e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
58120389719db6ed2d9b42aa33e590e7561d7e23aa168ea269291f54fd85a2b8
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5caeb608377e834651aa20af743ddcf070cb96338a282a09d4fabb10afe7ea8a
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
605bfe8a0c72aa433f7db8172fc2ece9366ced4aac55faf3709e91801b07b668
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636a2d953f3deb5b9990ad7551f3288293dbe59af1cdcd462cd5cce86fd0dd90
64bbf2b88a7d05a336318e45c9ab25a8d9224e89775436682efcc78a5fe2bb45
79ac5cb3a26ae275bf8b4a2410362983a84e7e7010791e7fe8810f19f95dd614
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f83c842f0a02ffd0a7f1349149f158b522bfb1eb36f08a7f7303b0aada001ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90da2f2781e95f66e69fb509121af2f88e99df69b0c6dd0fdd7b7a3f2ed33417
922304b29a3498a7d7ed4e0f37e7ac86919adcfd616ef58706f12b46749593bf
93cbd24495ede0288f537d396e0e6c2a26b042d8ed6fbd69d3c798d739936e12
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9ec0b662d13333eaf3324de61d7248a0e961b2175fd2b2e81eb24ac5e19e39d5
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b09b4568e6d05c7d8721203cf78dd283559194f22f72159d381b4e0a12c81641
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b374ab69ed843340ca5fba046e3005a70f6e436e141a24defcf2d570acf2917e
b52196801257a610b9019b2555326548b8f4971cf4f165359d3d48fb59396cad
b9c75075515f40791aeca058e3b879e0d82da4406a6a5a78f2de33e4ac92047f
bb1160602c44c91d4d3f78f40798e8b036320e13f3b6228e5b2ea6ea73c7afb8
bf5fc25bc4f89072ca99ed8d411fccc434fc01ac6e11fccdcc71cd387f60ee82
c2d3804aea13181b8e20a3d4e9e04ca73e1087f955bd4013bdebcd76f29a4281
c3e11f92bbff59d805a1df3c7e88264cac22798e562cfc0581b0d2d49da310e6
c45e81ad896196f59cd468f77fdc0461ea8dfdb3d37171882978ee003aef4bed
cac80651c7b6bf095be62d4aad178deed1abdbf7fc909e97bcba5003bebc73a0
cfc194c2b5bdcbc7de2585d42ec3c1ef216f8af3c68729d6f18804761a1319dc
d404a106056879d889c1f9f42a965f9eecd8418d9a82a3c5f631754773c7cd30
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
da30f3be4f2509f03c6c447e79f6a663a8db11301c6b6edc74300cbdf8584746
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e89216e59c09848f1d94e8c143b2ebbc00d6992aa35af0d2e810bef88f6fcf
e73a2afb0da4b08aa775f1ffcf608c62e24d18739b0d1414b152de80b280858f
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
e9d45467f4833ab1983bd81ff30bd233a58feb324dc84a8e22a8f303f91a3409
eeeefd14cc029aa6cd646a071d7a060970d4b9832e1611d8c7584bbfc45d5ee9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f24cedb59e0336efdfa9838562a5cb6cc9f93dbaa772df4338fcbe758eb0f
f02884ee23e3924f0ed37338734c807c939e3b47cb24f3db857e9c0fe5916ae0
f2dacab6e946da3b760430fc260f6799df86bfa717728dc8bfaa899a8dfd404e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f835873d962e7bba523cceced16d7f5189cc0b3240e098bb9a97d5754ac01415
fa65dbf87a1d000476d250f10862aa8a6d28d5892c524a5f74085d3ee2dc28bd
ff3b5cfaf96faedb2c9b14649948b7e221fb323c876d5d634a00e1072681f2e5
ff70bdf36f985a7cd1c5b8e67f161868c00ea0d31b4edd8ea558fa1f6bff6d1a